Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

DDoS attacks on FIs on the rise: Verisign

Nurdianah Md Nur | March 2, 2015
Common attacks include User Datagram Protocol amplification attacks that leverage Network Time Protocol, and the Simple Service Discovery Protocol (SSDP).

Denial-of-service (DDoS) attacks are on the rise for the financial services industry, according to network infrastructure provider Verisign.

According to the company's "Q4 2014 DDoS Trends Report", the number of attacks against financial institutions doubled, accounting for 15 percents of all mitigations.

The most common attack vector was found to be the User Datagram Protocol (UDP) amplification attacks that leverage Network Time Protocol (NTP), followed by the Simple Service Discovery Protocol (SSDP). 

The report also revealed that the average DDoS attack size saw a 14 percent as compared to the third quarter of 2014. DDoS attacks reached 60 gigabits per second (Gbps)/16 Millions of packets per second (Mpps) for UDP floods and 55 Gbps/60 Mpps for Transfer Control Protocol (TCP)-based attacks, said Verisign. Besides that, 42 percent of the attacks peaked at more than 1 Gbps, with 17 percent leveraging more than 10 Gbps of DDoS traffic.

Verisign also found that the availability of DDoS-for-hire services - known as booters -was on the rise. This presents a huge risk for security professionals as it enables anyone to hire skilled cyber criminals to launch a targeted DDoS attack for as little as US$2 per hour.

Public sector at risk too
Besides the financial services sector, the public sector also experienced a large increase in DDoS attacks last year, with 15 percent of total mitigation in the fourth quarter of 2014 coming from that segment.

Verisign believes this increase may be attributed to attackers' increased use of DDoS attacks as tactics for politically motivated activism or hacktivism against various international governing organisations, as well as in reaction to various well-publicised events throughout the quarter, including protests in Hong Kong and Ferguson, Missouri. 

 

Sign up for Computerworld eNewsletters.